0345 313 11 11 | info@silver-lining.com

Not logged in | Login

Support search
News : Why we need to move away from pause and resume recording.

Why we need to move away from pause and resume recording.

In all honesty, pause and resume recording has had its day. It is high risk and not efficient for a PCI compliant environment. A pretty damning statement I know, but considering that 59 percent of call centers still use ‘pause and resume’, what are the grounds for such a drastic conclusion?

First thing’s first, what is ‘pause and resume’ recording? It’s pretty much what it says on the tin. Contact centers that take card payments over the phone pause their call recording while sensitive card details are given so that those details are not captured or stored.

The recording can be paused manually by the agent handling the call or automatically, for example when a payment page is opened. Once the payment is complete, the call recording resumes.
Simple enough, if not entirely elegant, but why did contact centers adopt this somewhat interruptive process into their workflows when there are such obvious flaws in the process? It’s simple: compliance.

So, back in 2006, the five largest payment card providers got together and formed the Payment Card Industry Security Standards Council (PCI SSC). In an effort to reduce and prevent fraud, they produced the PCI Data Security Standard (DSS), which sets out global guidance for anyone who accepts card payments on how to best process, store and transmit sensitive data about the card and its owner.

The standards insisted that payment card data should not be stored longer than necessary for the transaction, and sensitive card data, such as the three-digit validation code, should not be stored at all.

Call recording then became common place in call centres, which meant that any recorded calls that included sensitive card payment data potentially fell foul of PCI compliance.

Stopping recording altogether was, however, impractical and for many contact centers it was impossible. Call recording is vital for a number of reasons including; quality management; staff training; compliance with regulations and risk management.

And so this is where ‘pause and resume’ came in. It was the most immediately available answer to a very complex problem. But one of the biggest problems with ‘pause and resume’ is human behaviour. Employees and corporate partners are responsible for 60 percent of data breaches. In some cases more than 10% of those card details were still being recorded due to user error.

Even those that have invested in automation face the risk that a customer takes longer than expected getting their card details or repeats them when the recording has resumed.

Identifying the right problem
‘Pause and resume’ was the best answer available when contact centers faced an urgent need. But it was never an answer to PCI compliance.

There’s no point, therefore, trying to improve ‘pause and resume’. Instead, contact centers should be looking at alternative solutions that remove their contact centers from scope.

Choosing the right solution
There is a Silver Lining! Why not choose a solution that ensures no card information is ever seen or heard by the call recipient, without interruption to the phone conversation and without any need to pause, suppress or manipulate voice recordings.

This technique is called DTMF Clamping and delivers cost savings by reducing the number of PCI controls required and simplifying auditing and management.

Our PCI solution: how it works

  • Step 1:  The customer calls your contact centre and the conversation with the agent continues as normal.
  • Step 2:  The customer chooses to make a card payment.
  • Step 3:  The customer enters their card details using their telephone keypad ensuring no sensitive information is verbalised or captured by call recording systems.
  • Step 4:  The customer's card details are sent to the payment provider.

Out with the old, in with the new
By choosing a DTMF clamping solution you enable your customers to enter their card details directly through their telephone keypad. The transaction can take place at any point during the call with any advisor; enabling you to deliver an improved customer experience, whilst guaranteeing PCI-DSS compliance.

Your advisors can then remain on the call throughout the payment process as they are no longer exposed to cardholder data ­ simple as that. You will greatly reduce call abandonment rates and lost sales opportunities.

If you need a solution that completely prevents any possibility of fraud, whether your advisors are working in a contact centre, or remotely contact us today. Only then will your business be able to promote complete payment security, subsequently instilling customer confidence and readiness to transact.

Share this on social media:


Back to ListingPreviousNext

Video Case StudyCustomer Success Story

We support Fusion People with their IT and telecommunications. Watch how they made an annual saving of 40%.

     Watch the Video >     

Coffee Cup

Contact Us

Contact us today for help or advice on your IT & telecoms and receive a FREE Costa!

Contact Us